﻿using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Threading.Tasks;
using abp.Login;
using abp.User.Dto;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Volo.Abp.Application.Dtos;
using Volo.Abp.Authorization.Permissions;
using Volo.Abp.Security.Claims;

namespace abp.Controllers
{
    [Route("api/[controller]")]
    [ApiController]
    public class LoginController : abpController
    {
        private readonly IPermissionDefinitionManager permissionDefinitionManager;
        private readonly ILoginService loginService;
        private readonly ICurrentPrincipalAccessor currentPrincipalAccessor;

        public LoginController(IPermissionDefinitionManager permissionDefinitionManager, ILoginService loginService, ICurrentPrincipalAccessor currentPrincipalAccessor)
        {
            this.permissionDefinitionManager = permissionDefinitionManager;
            this.loginService = loginService;
            this.currentPrincipalAccessor = currentPrincipalAccessor;
        }

        [HttpPost]
        [Route("Login")]
        [AllowAnonymous]
        public async Task LoginAsync(LoginDtoInput input)
        {
            LoginUserDto user = await loginService.CheckUserNameAndPasswordAsync(input.UserName, input.Password);

            if (IsLogin())
            {
                if (HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value != input.UserName)
                {
                    await LoginOutAsync();
                }
            }

            var claims = new List<Claim>()
            {
                new Claim(ClaimTypes.NameIdentifier,user.Id.ToString()),
                new Claim(ClaimTypes.Name,user.UserName),
                new Claim(ClaimTypes.Email,DateTime.Now.ToLongTimeString())
            };
            ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            AuthenticationProperties properties = new AuthenticationProperties()
            {
                
            };
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(claimsIdentity), properties);

            //在mongoDB中缓存当前用户
        }

        [HttpGet]
        [Route("loginOut")]
        public async Task LoginOutAsync()
        {
            await HttpContext.SignOutAsync(
                CookieAuthenticationDefaults.AuthenticationScheme);

            //在MongoDb中移除当前用户
        }

        private bool IsLogin()
        {
            Claim claim = HttpContext.User.FindFirst(ClaimTypes.NameIdentifier);
            if (claim == null)
            {
                return false;
            }
            else
            {
                if (string.IsNullOrEmpty(claim.Value)) return false;
                return true;
            }
        }
    }
}